Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Lifter] Couldn't find target for type #214

Open
NeoQuix opened this issue Apr 6, 2023 · 4 comments
Open

[Lifter] Couldn't find target for type #214

NeoQuix opened this issue Apr 6, 2023 · 4 comments
Assignees
Labels
bug Something isn't working priority-high High priority issue upstream

Comments

@NeoQuix
Copy link
Collaborator

NeoQuix commented Apr 6, 2023

What happened?

Error in bin/esentutl.exe in 0x14001bee0
[frontend.py:140 create_task()] ERROR - Failed to decompile ?TickOSTimeCurrent@@YAKXZ, error during CFG creation: Couldn't find target for type
Traceback (most recent call last):
  File "/home/neoquix/Git-Repos/DeWolf/decompile.py", line 76, in <module>
    main(Decompiler)
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/util/commandline.py", line 80, in main
    task = decompiler.decompile(function_name, options)
  File "/home/neoquix/Git-Repos/DeWolf/decompile.py", line 50, in decompile
    task = self._frontend.create_task(function, task_options)
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/frontend.py", line 142, in create_task
    raise e
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/frontend.py", line 129, in create_task
    cfg = self._extract_cfg(function.function, options)
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/frontend.py", line 161, in _extract_cfg
    return parser.parse(function)
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/parser.py", line 34, in parse
    index_to_BasicBlock[basic_block.index] = BasicBlock(basic_block.index, instructions=list(self._lift_instructions(basic_block)))
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/parser.py", line 77, in _lift_instructions
    if lifted_instruction := self._lifter.lift(instruction):
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/lifter.py", line 28, in lift
    if pseudo_expression := handler(expression, **kwargs):
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/handlers/controlflow.py", line 25, in lift_branch
    condition = self._lifter.lift(branch.condition, parent=branch)
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/lifter.py", line 28, in lift
    if pseudo_expression := handler(expression, **kwargs):
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/handlers/conditions.py", line 40, in lift_condition
    operation, [self._lifter.lift(condition.left, parent=condition), self._lifter.lift(condition.right, parent=condition)]
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/lifter.py", line 28, in lift
    if pseudo_expression := handler(expression, **kwargs):
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/handlers/unary.py", line 55, in lift_dereference_or_global_variable
    load_operand : UnaryOperation = self._lifter.lift(operation.src, parent=operation)
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/lifter.py", line 28, in lift
    if pseudo_expression := handler(expression, **kwargs):
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/handlers/constants.py", line 64, in lift_constant_pointer
    if string_variable := self._get_read_only_string_data_var(view, pointer.constant):
  File "/home/neoquix/Git-Repos/DeWolf/decompiler/frontend/binaryninja/handlers/constants.py", line 134, in _get_read_only_string_data_var
    if data_var and not isinstance(data_var.value, bytes):
  File "/opt/binaryninja/python/binaryninja/binaryview.py", line 9061, in value
    return self._sdv.value
  File "/opt/binaryninja/python/binaryninja/binaryview.py", line 8914, in value
    return self._value_helper(self.type, self.view.read(self.address, len(self.type)))
  File "/opt/binaryninja/python/binaryninja/binaryview.py", line 8954, in _value_helper
    raise ValueError("Couldn't find target for type")
ValueError: Couldn't find target for type

How to reproduce?

Decompile esentutl at 0x14001bee0.

Affected Binary Ninja Version(s)

3.3.3996

@NeoQuix NeoQuix added bug Something isn't working priority-high High priority issue labels Apr 6, 2023
@NeoQuix
Copy link
Collaborator Author

NeoQuix commented Apr 12, 2023

Upstream BNinja error.

A DataVariable should always have a value, but here bninja has a problem with the type of the value.
(enum hrtttype; knows type, but can't interpret value?)

@NeoQuix
Copy link
Collaborator Author

NeoQuix commented Apr 12, 2023

All methods with enum hrttType have the issue.

Technically we could check for the value before accessing it, but that would make the code waaaaaay harder to read.

@NeoQuix NeoQuix added the blocked Is blocked by another issue label Apr 13, 2023
@NeoQuix
Copy link
Collaborator Author

NeoQuix commented Jun 20, 2023

Temporary fixed by using an "Unknown value" for Datavariables with NamedTypeRef type.

@NeoQuix NeoQuix added upstream and removed blocked Is blocked by another issue labels Aug 10, 2023
@NeoQuix
Copy link
Collaborator Author

NeoQuix commented Aug 23, 2023

Update for v3.5.445:

  • fixed in their GUI but not in python API....

@NeoQuix NeoQuix self-assigned this Aug 23, 2023
blattm added a commit that referenced this issue Jun 18, 2024
0x6e62 added a commit that referenced this issue Aug 22, 2024
* Pop

* fix bug related to duplicate lifiting of enum types

* stabilize struct handling

* format

* add type names to struct defs and detect complex strings

* enum fix for #214

* fix format

* rename StructTesting to StructConstant

* update globals.py doc

* rename functions and fix signature

* inline string structs by default

* fix format

* rename flags

* fix StructConstant's hash

* move constants in cexpressingenerator together

* remove unused variables

* remove duplicate code

* add docstrings

* remove TODO

* removed unnecessary parameters for clarity

* add/improve docstrings for enum/struct/union type lifting

* improve struct hash calculation

* add docstrings

* shallow copy structs and arrays

* change struct __str__ to output dictionary

* add comment

---------

Co-authored-by: Manuel Blatt <manuel.blatt@fkie.fraunhofer.de>
Co-authored-by: Manuel Blatt <45859907+blattm@users.noreply.github.com>
Co-authored-by: Niklas Bergmann <97505753+0x6e62@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working priority-high High priority issue upstream
Projects
None yet
Development

No branches or pull requests

1 participant